]> git.proxmox.com Git - proxmox-backup.git/blob - src/bin/proxmox-backup-client.rs
projects / proxmox-backup.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
src/bin/proxmox-backup-client.rs: implement login/logout
[proxmox-backup.git] / src / bin / proxmox-backup-client.rs
1 //#[macro_use]
2 extern crate proxmox_backup;
3
4 use failure::*;
5 //use std::os::unix::io::AsRawFd;
6 use chrono::{Local, Utc, TimeZone};
7 use std::path::{Path, PathBuf};
8 use std::collections::{HashSet, HashMap};
9 use std::io::Write;
10 use std::os::unix::fs::OpenOptionsExt;
11
12 use proxmox::tools::fs::{file_get_contents, file_get_json, file_set_contents, image_size};
13
14 use proxmox_backup::tools;
15 use proxmox_backup::cli::*;
16 use proxmox_backup::api2::types::*;
17 use proxmox_backup::api_schema::*;
18 use proxmox_backup::api_schema::router::*;
19 use proxmox_backup::client::*;
20 use proxmox_backup::backup::*;
21 use proxmox_backup::pxar::{ self, catalog::* };
22
23 //use proxmox_backup::backup::image_index::*;
24 //use proxmox_backup::config::datastore;
25 //use proxmox_backup::pxar::encoder::*;
26 //use proxmox_backup::backup::datastore::*;
27
28 use serde_json::{json, Value};
29 //use hyper::Body;
30 use std::sync::{Arc, Mutex};
31 use regex::Regex;
32 use xdg::BaseDirectories;
33
34 use lazy_static::lazy_static;
35 use futures::*;
36 use tokio::sync::mpsc;
37
38 lazy_static! {
39 static ref BACKUPSPEC_REGEX: Regex = Regex::new(r"^([a-zA-Z0-9_-]+\.(?:pxar|img|conf|log)):(.+)$").unwrap();
40
41 static ref REPO_URL_SCHEMA: Arc<Schema> = Arc::new(
42 StringSchema::new("Repository URL.")
43 .format(BACKUP_REPO_URL.clone())
44 .max_length(256)
45 .into()
46 );
47 }
48
49
50 fn get_default_repository() -> Option<String> {
51 std::env::var("PBS_REPOSITORY").ok()
52 }
53
54 fn extract_repository_from_value(
55 param: &Value,
56 ) -> Result<BackupRepository, Error> {
57
58 let repo_url = param["repository"]
59 .as_str()
60 .map(String::from)
61 .or_else(get_default_repository)
62 .ok_or_else(|| format_err!("unable to get (default) repository"))?;
63
64 let repo: BackupRepository = repo_url.parse()?;
65
66 Ok(repo)
67 }
68
69 fn extract_repository_from_map(
70 param: &HashMap<String, String>,
71 ) -> Option<BackupRepository> {
72
73 param.get("repository")
74 .map(String::from)
75 .or_else(get_default_repository)
76 .and_then(|repo_url| repo_url.parse::<BackupRepository>().ok())
77 }
78
79 fn record_repository(repo: &BackupRepository) {
80
81 let base = match BaseDirectories::with_prefix("proxmox-backup") {
82 Ok(v) => v,
83 _ => return,
84 };
85
86 // usually $HOME/.cache/proxmox-backup/repo-list
87 let path = match base.place_cache_file("repo-list") {
88 Ok(v) => v,
89 _ => return,
90 };
91
92 let mut data = file_get_json(&path, None).unwrap_or(json!({}));
93
94 let repo = repo.to_string();
95
96 data[&repo] = json!{ data[&repo].as_i64().unwrap_or(0) + 1 };
97
98 let mut map = serde_json::map::Map::new();
99
100 loop {
101 let mut max_used = 0;
102 let mut max_repo = None;
103 for (repo, count) in data.as_object().unwrap() {
104 if map.contains_key(repo) { continue; }
105 if let Some(count) = count.as_i64() {
106 if count > max_used {
107 max_used = count;
108 max_repo = Some(repo);
109 }
110 }
111 }
112 if let Some(repo) = max_repo {
113 map.insert(repo.to_owned(), json!(max_used));
114 } else {
115 break;
116 }
117 if map.len() > 10 { // store max. 10 repos
118 break;
119 }
120 }
121
122 let new_data = json!(map);
123
124 let _ = file_set_contents(path, new_data.to_string().as_bytes(), None);
125 }
126
127 fn complete_repository(_arg: &str, _param: &HashMap<String, String>) -> Vec<String> {
128
129 let mut result = vec![];
130
131 let base = match BaseDirectories::with_prefix("proxmox-backup") {
132 Ok(v) => v,
133 _ => return result,
134 };
135
136 // usually $HOME/.cache/proxmox-backup/repo-list
137 let path = match base.place_cache_file("repo-list") {
138 Ok(v) => v,
139 _ => return result,
140 };
141
142 let data = file_get_json(&path, None).unwrap_or(json!({}));
143
144 if let Some(map) = data.as_object() {
145 for (repo, _count) in map {
146 result.push(repo.to_owned());
147 }
148 }
149
150 result
151 }
152
153 fn backup_directory<P: AsRef<Path>>(
154 client: &BackupClient,
155 dir_path: P,
156 archive_name: &str,
157 chunk_size: Option<usize>,
158 device_set: Option<HashSet<u64>>,
159 verbose: bool,
160 skip_lost_and_found: bool,
161 crypt_config: Option<Arc<CryptConfig>>,
162 catalog: Arc<Mutex<SimpleCatalog>>,
163 ) -> Result<BackupStats, Error> {
164
165 let pxar_stream = PxarBackupStream::open(dir_path.as_ref(), device_set, verbose, skip_lost_and_found, catalog)?;
166 let chunk_stream = ChunkStream::new(pxar_stream, chunk_size);
167
168 let (tx, rx) = mpsc::channel(10); // allow to buffer 10 chunks
169
170 let stream = rx
171 .map_err(Error::from)
172 .and_then(|x| x); // flatten
173
174 // spawn chunker inside a separate task so that it can run parallel
175 tokio::spawn(
176 tx.send_all(chunk_stream.then(|r| Ok(r)))
177 .map_err(|_| {}).map(|_| ())
178 );
179
180 let stats = client.upload_stream(archive_name, stream, "dynamic", None, crypt_config).wait()?;
181
182 Ok(stats)
183 }
184
185 fn backup_image<P: AsRef<Path>>(
186 client: &BackupClient,
187 image_path: P,
188 archive_name: &str,
189 image_size: u64,
190 chunk_size: Option<usize>,
191 _verbose: bool,
192 crypt_config: Option<Arc<CryptConfig>>,
193 ) -> Result<BackupStats, Error> {
194
195 let path = image_path.as_ref().to_owned();
196
197 let file = tokio::fs::File::open(path).wait()?;
198
199 let stream = tokio::codec::FramedRead::new(file, tokio::codec::BytesCodec::new())
200 .map_err(Error::from);
201
202 let stream = FixedChunkStream::new(stream, chunk_size.unwrap_or(4*1024*1024));
203
204 let stats = client.upload_stream(archive_name, stream, "fixed", Some(image_size), crypt_config).wait()?;
205
206 Ok(stats)
207 }
208
209 fn strip_server_file_expenstion(name: &str) -> String {
210
211 if name.ends_with(".didx") {
212 return name[..name.len()-5].to_owned();
213 } else if name.ends_with(".fidx") {
214 return name[..name.len()-5].to_owned();
215 } else if name.ends_with(".blob") {
216 return name[..name.len()-5].to_owned();
217 } else {
218 return name.to_owned(); // should not happen
219 }
220 }
221
222 fn list_backup_groups(
223 param: Value,
224 _info: &ApiMethod,
225 _rpcenv: &mut dyn RpcEnvironment,
226 ) -> Result<Value, Error> {
227
228 let repo = extract_repository_from_value(&param)?;
229
230 let client = HttpClient::new(repo.host(), repo.user())?;
231
232 let path = format!("api2/json/admin/datastore/{}/groups", repo.store());
233
234 let mut result = client.get(&path, None).wait()?;
235
236 record_repository(&repo);
237
238 // fixme: implement and use output formatter instead ..
239 let list = result["data"].as_array_mut().unwrap();
240
241 list.sort_unstable_by(|a, b| {
242 let a_id = a["backup-id"].as_str().unwrap();
243 let a_backup_type = a["backup-type"].as_str().unwrap();
244 let b_id = b["backup-id"].as_str().unwrap();
245 let b_backup_type = b["backup-type"].as_str().unwrap();
246
247 let type_order = a_backup_type.cmp(b_backup_type);
248 if type_order == std::cmp::Ordering::Equal {
249 a_id.cmp(b_id)
250 } else {
251 type_order
252 }
253 });
254
255 let output_format = param["output-format"].as_str().unwrap_or("text").to_owned();
256
257 let mut result = vec![];
258
259 for item in list {
260
261 let id = item["backup-id"].as_str().unwrap();
262 let btype = item["backup-type"].as_str().unwrap();
263 let epoch = item["last-backup"].as_i64().unwrap();
264 let last_backup = Utc.timestamp(epoch, 0);
265 let backup_count = item["backup-count"].as_u64().unwrap();
266
267 let group = BackupGroup::new(btype, id);
268
269 let path = group.group_path().to_str().unwrap().to_owned();
270
271 let files = item["files"].as_array().unwrap().iter()
272 .map(|v| strip_server_file_expenstion(v.as_str().unwrap())).collect();
273
274 if output_format == "text" {
275 println!(
276 "{:20} | {} | {:5} | {}",
277 path,
278 BackupDir::backup_time_to_string(last_backup),
279 backup_count,
280 tools::join(&files, ' '),
281 );
282 } else {
283 result.push(json!({
284 "backup-type": btype,
285 "backup-id": id,
286 "last-backup": epoch,
287 "backup-count": backup_count,
288 "files": files,
289 }));
290 }
291 }
292
293 if output_format != "text" { format_and_print_result(&result.into(), &output_format); }
294
295 Ok(Value::Null)
296 }
297
298 fn list_snapshots(
299 param: Value,
300 _info: &ApiMethod,
301 _rpcenv: &mut dyn RpcEnvironment,
302 ) -> Result<Value, Error> {
303
304 let repo = extract_repository_from_value(&param)?;
305
306 let output_format = param["output-format"].as_str().unwrap_or("text").to_owned();
307
308 let client = HttpClient::new(repo.host(), repo.user())?;
309
310 let path = format!("api2/json/admin/datastore/{}/snapshots", repo.store());
311
312 let mut args = json!({});
313 if let Some(path) = param["group"].as_str() {
314 let group = BackupGroup::parse(path)?;
315 args["backup-type"] = group.backup_type().into();
316 args["backup-id"] = group.backup_id().into();
317 }
318
319 let result = client.get(&path, Some(args)).wait()?;
320
321 record_repository(&repo);
322
323 let list = result["data"].as_array().unwrap();
324
325 let mut result = vec![];
326
327 for item in list {
328
329 let id = item["backup-id"].as_str().unwrap();
330 let btype = item["backup-type"].as_str().unwrap();
331 let epoch = item["backup-time"].as_i64().unwrap();
332
333 let snapshot = BackupDir::new(btype, id, epoch);
334
335 let path = snapshot.relative_path().to_str().unwrap().to_owned();
336
337 let files = item["files"].as_array().unwrap().iter()
338 .map(|v| strip_server_file_expenstion(v.as_str().unwrap())).collect();
339
340 if output_format == "text" {
341 let size_str = if let Some(size) = item["size"].as_u64() {
342 size.to_string()
343 } else {
344 String::from("-")
345 };
346 println!("{} | {} | {}", path, size_str, tools::join(&files, ' '));
347 } else {
348 let mut data = json!({
349 "backup-type": btype,
350 "backup-id": id,
351 "backup-time": epoch,
352 "files": files,
353 });
354 if let Some(size) = item["size"].as_u64() {
355 data["size"] = size.into();
356 }
357 result.push(data);
358 }
359 }
360
361 if output_format != "text" { format_and_print_result(&result.into(), &output_format); }
362
363 Ok(Value::Null)
364 }
365
366 fn forget_snapshots(
367 param: Value,
368 _info: &ApiMethod,
369 _rpcenv: &mut dyn RpcEnvironment,
370 ) -> Result<Value, Error> {
371
372 let repo = extract_repository_from_value(&param)?;
373
374 let path = tools::required_string_param(&param, "snapshot")?;
375 let snapshot = BackupDir::parse(path)?;
376
377 let mut client = HttpClient::new(repo.host(), repo.user())?;
378
379 let path = format!("api2/json/admin/datastore/{}/snapshots", repo.store());
380
381 let result = client.delete(&path, Some(json!({
382 "backup-type": snapshot.group().backup_type(),
383 "backup-id": snapshot.group().backup_id(),
384 "backup-time": snapshot.backup_time().timestamp(),
385 }))).wait()?;
386
387 record_repository(&repo);
388
389 Ok(result)
390 }
391
392 fn api_login(
393 param: Value,
394 _info: &ApiMethod,
395 _rpcenv: &mut dyn RpcEnvironment,
396 ) -> Result<Value, Error> {
397
398 let repo = extract_repository_from_value(&param)?;
399
400 let client = HttpClient::new(repo.host(), repo.user())?;
401 client.login().wait()?;
402
403 record_repository(&repo);
404
405 Ok(Value::Null)
406 }
407
408 fn api_logout(
409 param: Value,
410 _info: &ApiMethod,
411 _rpcenv: &mut dyn RpcEnvironment,
412 ) -> Result<Value, Error> {
413
414 let repo = extract_repository_from_value(&param)?;
415
416 delete_ticket_info(repo.host(), repo.user())?;
417
418 Ok(Value::Null)
419 }
420
421 fn dump_catalog(
422 param: Value,
423 _info: &ApiMethod,
424 _rpcenv: &mut dyn RpcEnvironment,
425 ) -> Result<Value, Error> {
426
427 let repo = extract_repository_from_value(&param)?;
428
429 let path = tools::required_string_param(&param, "snapshot")?;
430 let snapshot = BackupDir::parse(path)?;
431
432 let keyfile = param["keyfile"].as_str().map(|p| PathBuf::from(p));
433
434 let crypt_config = match keyfile {
435 None => None,
436 Some(path) => {
437 let (key, _) = load_and_decrtypt_key(&path, get_encryption_key_password)?;
438 Some(Arc::new(CryptConfig::new(key)?))
439 }
440 };
441
442 let client = HttpClient::new(repo.host(), repo.user())?;
443
444 let client = client.start_backup_reader(
445 repo.store(),
446 &snapshot.group().backup_type(),
447 &snapshot.group().backup_id(),
448 snapshot.backup_time(), true).wait()?;
449
450 let writer = Vec::with_capacity(1024*1024);
451 let blob_data = client.download("catalog.blob", writer).wait()?;
452 let blob = DataBlob::from_raw(blob_data)?;
453 blob.verify_crc()?;
454
455 let raw_data = match crypt_config {
456 Some(ref crypt_config) => blob.decode(Some(crypt_config))?,
457 None => blob.decode(None)?,
458 };
459
460 let slice = &raw_data[..];
461 let mut catalog_reader = pxar::catalog::SimpleCatalogReader::new(slice);
462
463 catalog_reader.dump()?;
464
465 record_repository(&repo);
466
467 Ok(Value::Null)
468 }
469
470 fn list_snapshot_files(
471 param: Value,
472 _info: &ApiMethod,
473 _rpcenv: &mut dyn RpcEnvironment,
474 ) -> Result<Value, Error> {
475
476 let repo = extract_repository_from_value(&param)?;
477
478 let path = tools::required_string_param(&param, "snapshot")?;
479 let snapshot = BackupDir::parse(path)?;
480
481 let output_format = param["output-format"].as_str().unwrap_or("text").to_owned();
482
483 let client = HttpClient::new(repo.host(), repo.user())?;
484
485 let path = format!("api2/json/admin/datastore/{}/files", repo.store());
486
487 let mut result = client.get(&path, Some(json!({
488 "backup-type": snapshot.group().backup_type(),
489 "backup-id": snapshot.group().backup_id(),
490 "backup-time": snapshot.backup_time().timestamp(),
491 }))).wait()?;
492
493 record_repository(&repo);
494
495 let list: Value = result["data"].take();
496
497 if output_format == "text" {
498 for item in list.as_array().unwrap().iter() {
499 println!(
500 "{} {}",
501 strip_server_file_expenstion(item["filename"].as_str().unwrap()),
502 item["size"].as_u64().unwrap_or(0),
503 );
504 }
505 } else {
506 format_and_print_result(&list, &output_format);
507 }
508
509 Ok(Value::Null)
510 }
511
512 fn start_garbage_collection(
513 param: Value,
514 _info: &ApiMethod,
515 _rpcenv: &mut dyn RpcEnvironment,
516 ) -> Result<Value, Error> {
517
518 let repo = extract_repository_from_value(&param)?;
519
520 let mut client = HttpClient::new(repo.host(), repo.user())?;
521
522 let path = format!("api2/json/admin/datastore/{}/gc", repo.store());
523
524 let result = client.post(&path, None).wait()?;
525
526 record_repository(&repo);
527
528 Ok(result)
529 }
530
531 fn parse_backupspec(value: &str) -> Result<(&str, &str), Error> {
532
533 if let Some(caps) = BACKUPSPEC_REGEX.captures(value) {
534 return Ok((caps.get(1).unwrap().as_str(), caps.get(2).unwrap().as_str()));
535 }
536 bail!("unable to parse directory specification '{}'", value);
537 }
538
539 fn create_backup(
540 param: Value,
541 _info: &ApiMethod,
542 _rpcenv: &mut dyn RpcEnvironment,
543 ) -> Result<Value, Error> {
544
545 let repo = extract_repository_from_value(&param)?;
546
547 let backupspec_list = tools::required_array_param(&param, "backupspec")?;
548
549 let all_file_systems = param["all-file-systems"].as_bool().unwrap_or(false);
550
551 let skip_lost_and_found = param["skip-lost-and-found"].as_bool().unwrap_or(false);
552
553 let verbose = param["verbose"].as_bool().unwrap_or(false);
554
555 let backup_time_opt = param["backup-time"].as_i64();
556
557 let chunk_size_opt = param["chunk-size"].as_u64().map(|v| (v*1024) as usize);
558
559 if let Some(size) = chunk_size_opt {
560 verify_chunk_size(size)?;
561 }
562
563 let keyfile = param["keyfile"].as_str().map(|p| PathBuf::from(p));
564
565 let backup_id = param["backup-id"].as_str().unwrap_or(&proxmox::tools::nodename());
566
567 let backup_type = param["backup-type"].as_str().unwrap_or("host");
568
569 let include_dev = param["include-dev"].as_array();
570
571 let mut devices = if all_file_systems { None } else { Some(HashSet::new()) };
572
573 if let Some(include_dev) = include_dev {
574 if all_file_systems {
575 bail!("option 'all-file-systems' conflicts with option 'include-dev'");
576 }
577
578 let mut set = HashSet::new();
579 for path in include_dev {
580 let path = path.as_str().unwrap();
581 let stat = nix::sys::stat::stat(path)
582 .map_err(|err| format_err!("fstat {:?} failed - {}", path, err))?;
583 set.insert(stat.st_dev);
584 }
585 devices = Some(set);
586 }
587
588 let mut upload_list = vec![];
589
590 enum BackupType { PXAR, IMAGE, CONFIG, LOGFILE };
591
592 for backupspec in backupspec_list {
593 let (target, filename) = parse_backupspec(backupspec.as_str().unwrap())?;
594
595 use std::os::unix::fs::FileTypeExt;
596
597 let metadata = match std::fs::metadata(filename) {
598 Ok(m) => m,
599 Err(err) => bail!("unable to access '{}' - {}", filename, err),
600 };
601 let file_type = metadata.file_type();
602
603 let extension = target.rsplit('.').next()
604 .ok_or(format_err!("missing target file extenion '{}'", target))?;
605
606 match extension {
607 "pxar" => {
608 if !file_type.is_dir() {
609 bail!("got unexpected file type (expected directory)");
610 }
611 upload_list.push((BackupType::PXAR, filename.to_owned(), format!("{}.didx", target), 0));
612 }
613 "img" => {
614
615 if !(file_type.is_file() || file_type.is_block_device()) {
616 bail!("got unexpected file type (expected file or block device)");
617 }
618
619 let size = image_size(&PathBuf::from(filename))?;
620
621 if size == 0 { bail!("got zero-sized file '{}'", filename); }
622
623 upload_list.push((BackupType::IMAGE, filename.to_owned(), format!("{}.fidx", target), size));
624 }
625 "conf" => {
626 if !file_type.is_file() {
627 bail!("got unexpected file type (expected regular file)");
628 }
629 upload_list.push((BackupType::CONFIG, filename.to_owned(), format!("{}.blob", target), metadata.len()));
630 }
631 "log" => {
632 if !file_type.is_file() {
633 bail!("got unexpected file type (expected regular file)");
634 }
635 upload_list.push((BackupType::LOGFILE, filename.to_owned(), format!("{}.blob", target), metadata.len()));
636 }
637 _ => {
638 bail!("got unknown archive extension '{}'", extension);
639 }
640 }
641 }
642
643 let backup_time = Utc.timestamp(backup_time_opt.unwrap_or(Utc::now().timestamp()), 0);
644
645 let client = HttpClient::new(repo.host(), repo.user())?;
646 record_repository(&repo);
647
648 println!("Starting backup: {}/{}/{}", backup_type, backup_id, BackupDir::backup_time_to_string(backup_time));
649
650 println!("Client name: {}", proxmox::tools::nodename());
651
652 let start_time = Local::now();
653
654 println!("Starting protocol: {}", start_time.to_rfc3339_opts(chrono::SecondsFormat::Secs, false));
655
656 let (crypt_config, rsa_encrypted_key) = match keyfile {
657 None => (None, None),
658 Some(path) => {
659 let (key, created) = load_and_decrtypt_key(&path, get_encryption_key_password)?;
660
661 let crypt_config = CryptConfig::new(key)?;
662
663 let path = master_pubkey_path()?;
664 if path.exists() {
665 let pem_data = file_get_contents(&path)?;
666 let rsa = openssl::rsa::Rsa::public_key_from_pem(&pem_data)?;
667 let enc_key = crypt_config.generate_rsa_encoded_key(rsa, created)?;
668 (Some(Arc::new(crypt_config)), Some(enc_key))
669 } else {
670 (Some(Arc::new(crypt_config)), None)
671 }
672 }
673 };
674
675 let client = client.start_backup(repo.store(), backup_type, &backup_id, backup_time, verbose).wait()?;
676
677 let mut file_list = vec![];
678
679 let catalog_filename = format!("/tmp/pbs-catalog-{}.cat", std::process::id());
680 let catalog = Arc::new(Mutex::new(SimpleCatalog::new(&catalog_filename)?));
681 let mut upload_catalog = false;
682
683 for (backup_type, filename, target, size) in upload_list {
684 match backup_type {
685 BackupType::CONFIG => {
686 println!("Upload config file '{}' to '{:?}' as {}", filename, repo, target);
687 let stats = client.upload_blob_from_file(&filename, &target, crypt_config.clone(), true).wait()?;
688 file_list.push((target, stats));
689 }
690 BackupType::LOGFILE => { // fixme: remove - not needed anymore ?
691 println!("Upload log file '{}' to '{:?}' as {}", filename, repo, target);
692 let stats = client.upload_blob_from_file(&filename, &target, crypt_config.clone(), true).wait()?;
693 file_list.push((target, stats));
694 }
695 BackupType::PXAR => {
696 upload_catalog = true;
697 println!("Upload directory '{}' to '{:?}' as {}", filename, repo, target);
698 catalog.lock().unwrap().start_directory(std::ffi::CString::new(target.as_str())?.as_c_str())?;
699 let stats = backup_directory(
700 &client,
701 &filename,
702 &target,
703 chunk_size_opt,
704 devices.clone(),
705 verbose,
706 skip_lost_and_found,
707 crypt_config.clone(),
708 catalog.clone(),
709 )?;
710 file_list.push((target, stats));
711 catalog.lock().unwrap().end_directory()?;
712 }
713 BackupType::IMAGE => {
714 println!("Upload image '{}' to '{:?}' as {}", filename, repo, target);
715 let stats = backup_image(
716 &client,
717 &filename,
718 &target,
719 size,
720 chunk_size_opt,
721 verbose,
722 crypt_config.clone(),
723 )?;
724 file_list.push((target, stats));
725 }
726 }
727 }
728
729 // finalize and upload catalog
730 if upload_catalog {
731 let mutex = Arc::try_unwrap(catalog)
732 .map_err(|_| format_err!("unable to get catalog (still used)"))?;
733 drop(mutex); // close catalog
734
735 let target = "catalog.blob";
736 let stats = client.upload_blob_from_file(&catalog_filename, target, crypt_config.clone(), true).wait()?;
737 file_list.push((target.to_owned(), stats));
738
739 let _ = std::fs::remove_file(&catalog_filename);
740 }
741
742 if let Some(rsa_encrypted_key) = rsa_encrypted_key {
743 let target = "rsa-encrypted.key";
744 println!("Upload RSA encoded key to '{:?}' as {}", repo, target);
745 let stats = client.upload_blob_from_data(rsa_encrypted_key, target, None, false, false).wait()?;
746 file_list.push((format!("{}.blob", target), stats));
747
748 // openssl rsautl -decrypt -inkey master-private.pem -in rsa-encrypted.key -out t
749 /*
750 let mut buffer2 = vec![0u8; rsa.size() as usize];
751 let pem_data = file_get_contents("master-private.pem")?;
752 let rsa = openssl::rsa::Rsa::private_key_from_pem(&pem_data)?;
753 let len = rsa.private_decrypt(&buffer, &mut buffer2, openssl::rsa::Padding::PKCS1)?;
754 println!("TEST {} {:?}", len, buffer2);
755 */
756 }
757
758 // create index.json
759 let file_list = file_list.iter()
760 .fold(vec![], |mut acc, (filename, stats)| {
761 acc.push(json!({
762 "filename": filename,
763 "size": stats.size,
764 "csum": proxmox::tools::digest_to_hex(&stats.csum),
765 }));
766 acc
767 });
768
769 let index = json!({
770 "backup-type": backup_type,
771 "backup-id": backup_id,
772 "backup-time": backup_time.timestamp(),
773 "files": file_list,
774 });
775
776 println!("Upload index.json to '{:?}'", repo);
777 let index_data = serde_json::to_string_pretty(&index)?.into();
778 client.upload_blob_from_data(index_data, "index.json.blob", crypt_config.clone(), true, true).wait()?;
779
780 client.finish().wait()?;
781
782 let end_time = Local::now();
783 let elapsed = end_time.signed_duration_since(start_time);
784 println!("Duration: {}", elapsed);
785
786 println!("End Time: {}", end_time.to_rfc3339_opts(chrono::SecondsFormat::Secs, false));
787
788 Ok(Value::Null)
789 }
790
791 fn complete_backup_source(arg: &str, param: &HashMap<String, String>) -> Vec<String> {
792
793 let mut result = vec![];
794
795 let data: Vec<&str> = arg.splitn(2, ':').collect();
796
797 if data.len() != 2 {
798 result.push(String::from("root.pxar:/"));
799 result.push(String::from("etc.pxar:/etc"));
800 return result;
801 }
802
803 let files = tools::complete_file_name(data[1], param);
804
805 for file in files {
806 result.push(format!("{}:{}", data[0], file));
807 }
808
809 result
810 }
811
812 fn restore(
813 param: Value,
814 _info: &ApiMethod,
815 _rpcenv: &mut dyn RpcEnvironment,
816 ) -> Result<Value, Error> {
817
818 let repo = extract_repository_from_value(&param)?;
819
820 let verbose = param["verbose"].as_bool().unwrap_or(false);
821
822 let allow_existing_dirs = param["allow-existing-dirs"].as_bool().unwrap_or(false);
823
824 let archive_name = tools::required_string_param(&param, "archive-name")?;
825
826 let client = HttpClient::new(repo.host(), repo.user())?;
827
828 record_repository(&repo);
829
830 let path = tools::required_string_param(&param, "snapshot")?;
831
832 let (backup_type, backup_id, backup_time) = if path.matches('/').count() == 1 {
833 let group = BackupGroup::parse(path)?;
834
835 let path = format!("api2/json/admin/datastore/{}/snapshots", repo.store());
836 let result = client.get(&path, Some(json!({
837 "backup-type": group.backup_type(),
838 "backup-id": group.backup_id(),
839 }))).wait()?;
840
841 let list = result["data"].as_array().unwrap();
842 if list.len() == 0 {
843 bail!("backup group '{}' does not contain any snapshots:", path);
844 }
845
846 let epoch = list[0]["backup-time"].as_i64().unwrap();
847 let backup_time = Utc.timestamp(epoch, 0);
848 (group.backup_type().to_owned(), group.backup_id().to_owned(), backup_time)
849 } else {
850 let snapshot = BackupDir::parse(path)?;
851 (snapshot.group().backup_type().to_owned(), snapshot.group().backup_id().to_owned(), snapshot.backup_time())
852 };
853
854 let target = tools::required_string_param(&param, "target")?;
855 let target = if target == "-" { None } else { Some(target) };
856
857 let keyfile = param["keyfile"].as_str().map(|p| PathBuf::from(p));
858
859 let crypt_config = match keyfile {
860 None => None,
861 Some(path) => {
862 let (key, _) = load_and_decrtypt_key(&path, get_encryption_key_password)?;
863 Some(Arc::new(CryptConfig::new(key)?))
864 }
865 };
866
867 let server_archive_name = if archive_name.ends_with(".pxar") {
868 format!("{}.didx", archive_name)
869 } else if archive_name.ends_with(".img") {
870 format!("{}.fidx", archive_name)
871 } else {
872 format!("{}.blob", archive_name)
873 };
874
875 let client = client.start_backup_reader(repo.store(), &backup_type, &backup_id, backup_time, true).wait()?;
876
877 let tmpfile = std::fs::OpenOptions::new()
878 .write(true)
879 .read(true)
880 .custom_flags(libc::O_TMPFILE)
881 .open("/tmp")?;
882
883 if server_archive_name.ends_with(".blob") {
884
885 let writer = Vec::with_capacity(1024*1024);
886 let blob_data = client.download(&server_archive_name, writer).wait()?;
887 let blob = DataBlob::from_raw(blob_data)?;
888 blob.verify_crc()?;
889
890 let raw_data = match crypt_config {
891 Some(ref crypt_config) => blob.decode(Some(crypt_config))?,
892 None => blob.decode(None)?,
893 };
894
895 if let Some(target) = target {
896 file_set_contents(target, &raw_data, None)?;
897 } else {
898 let stdout = std::io::stdout();
899 let mut writer = stdout.lock();
900 writer.write_all(&raw_data)
901 .map_err(|err| format_err!("unable to pipe data - {}", err))?;
902 }
903
904 } else if server_archive_name.ends_with(".didx") {
905 let tmpfile = client.download(&server_archive_name, tmpfile).wait()?;
906
907 let index = DynamicIndexReader::new(tmpfile)
908 .map_err(|err| format_err!("unable to read dynamic index '{}' - {}", archive_name, err))?;
909
910 let most_used = index.find_most_used_chunks(8);
911
912 let chunk_reader = RemoteChunkReader::new(client.clone(), crypt_config, most_used);
913
914 let mut reader = BufferedDynamicReader::new(index, chunk_reader);
915
916 if let Some(target) = target {
917
918 let feature_flags = pxar::flags::DEFAULT;
919 let mut decoder = pxar::SequentialDecoder::new(&mut reader, feature_flags, |path| {
920 if verbose {
921 println!("{:?}", path);
922 }
923 Ok(())
924 });
925 decoder.set_allow_existing_dirs(allow_existing_dirs);
926
927
928 decoder.restore(Path::new(target), &Vec::new())?;
929 } else {
930 let stdout = std::io::stdout();
931 let mut writer = stdout.lock();
932
933 std::io::copy(&mut reader, &mut writer)
934 .map_err(|err| format_err!("unable to pipe data - {}", err))?;
935 }
936 } else if server_archive_name.ends_with(".fidx") {
937 let tmpfile = client.download(&server_archive_name, tmpfile).wait()?;
938
939 let index = FixedIndexReader::new(tmpfile)
940 .map_err(|err| format_err!("unable to read fixed index '{}' - {}", archive_name, err))?;
941
942 let most_used = index.find_most_used_chunks(8);
943
944 let chunk_reader = RemoteChunkReader::new(client.clone(), crypt_config, most_used);
945
946 let mut reader = BufferedFixedReader::new(index, chunk_reader);
947
948 if let Some(target) = target {
949 let mut writer = std::fs::OpenOptions::new()
950 .write(true)
951 .create(true)
952 .create_new(true)
953 .open(target)
954 .map_err(|err| format_err!("unable to create target file {:?} - {}", target, err))?;
955
956 std::io::copy(&mut reader, &mut writer)
957 .map_err(|err| format_err!("unable to store data - {}", err))?;
958 } else {
959 let stdout = std::io::stdout();
960 let mut writer = stdout.lock();
961
962 std::io::copy(&mut reader, &mut writer)
963 .map_err(|err| format_err!("unable to pipe data - {}", err))?;
964 }
965 } else {
966 bail!("unknown archive file extension (expected .pxar of .img)");
967 }
968
969 Ok(Value::Null)
970 }
971
972 fn upload_log(
973 param: Value,
974 _info: &ApiMethod,
975 _rpcenv: &mut dyn RpcEnvironment,
976 ) -> Result<Value, Error> {
977
978 let logfile = tools::required_string_param(&param, "logfile")?;
979 let repo = extract_repository_from_value(&param)?;
980
981 let snapshot = tools::required_string_param(&param, "snapshot")?;
982 let snapshot = BackupDir::parse(snapshot)?;
983
984 let mut client = HttpClient::new(repo.host(), repo.user())?;
985
986 let keyfile = param["keyfile"].as_str().map(|p| PathBuf::from(p));
987
988 let crypt_config = match keyfile {
989 None => None,
990 Some(path) => {
991 let (key, _created) = load_and_decrtypt_key(&path, get_encryption_key_password)?;
992 let crypt_config = CryptConfig::new(key)?;
993 Some(crypt_config)
994 }
995 };
996
997 let data = file_get_contents(logfile)?;
998
999 let blob = if let Some(ref crypt_config) = crypt_config {
1000 DataBlob::encode(&data, Some(crypt_config), true)?
1001 } else {
1002 DataBlob::encode(&data, None, true)?
1003 };
1004
1005 let raw_data = blob.into_inner();
1006
1007 let path = format!("api2/json/admin/datastore/{}/upload-backup-log", repo.store());
1008
1009 let args = json!({
1010 "backup-type": snapshot.group().backup_type(),
1011 "backup-id": snapshot.group().backup_id(),
1012 "backup-time": snapshot.backup_time().timestamp(),
1013 });
1014
1015 let body = hyper::Body::from(raw_data);
1016
1017 let result = client.upload("application/octet-stream", body, &path, Some(args)).wait()?;
1018
1019 Ok(result)
1020 }
1021
1022 fn prune(
1023 mut param: Value,
1024 _info: &ApiMethod,
1025 _rpcenv: &mut dyn RpcEnvironment,
1026 ) -> Result<Value, Error> {
1027
1028 let repo = extract_repository_from_value(&param)?;
1029
1030 let mut client = HttpClient::new(repo.host(), repo.user())?;
1031
1032 let path = format!("api2/json/admin/datastore/{}/prune", repo.store());
1033
1034 let group = tools::required_string_param(&param, "group")?;
1035 let group = BackupGroup::parse(group)?;
1036
1037 param.as_object_mut().unwrap().remove("repository");
1038 param.as_object_mut().unwrap().remove("group");
1039
1040 param["backup-type"] = group.backup_type().into();
1041 param["backup-id"] = group.backup_id().into();
1042
1043 let _result = client.post(&path, Some(param)).wait()?;
1044
1045 record_repository(&repo);
1046
1047 Ok(Value::Null)
1048 }
1049
1050 fn status(
1051 param: Value,
1052 _info: &ApiMethod,
1053 _rpcenv: &mut dyn RpcEnvironment,
1054 ) -> Result<Value, Error> {
1055
1056 let repo = extract_repository_from_value(&param)?;
1057
1058 let output_format = param["output-format"].as_str().unwrap_or("text").to_owned();
1059
1060 let client = HttpClient::new(repo.host(), repo.user())?;
1061
1062 let path = format!("api2/json/admin/datastore/{}/status", repo.store());
1063
1064 let result = client.get(&path, None).wait()?;
1065 let data = &result["data"];
1066
1067 record_repository(&repo);
1068
1069 if output_format == "text" {
1070 let total = data["total"].as_u64().unwrap();
1071 let used = data["used"].as_u64().unwrap();
1072 let avail = data["avail"].as_u64().unwrap();
1073 let roundup = total/200;
1074
1075 println!(
1076 "total: {} used: {} ({} %) available: {}",
1077 total,
1078 used,
1079 ((used+roundup)*100)/total,
1080 avail,
1081 );
1082 } else {
1083 format_and_print_result(data, &output_format);
1084 }
1085
1086 Ok(Value::Null)
1087 }
1088
1089 // like get, but simply ignore errors and return Null instead
1090 fn try_get(repo: &BackupRepository, url: &str) -> Value {
1091
1092 let client = match HttpClient::new(repo.host(), repo.user()) {
1093 Ok(v) => v,
1094 _ => return Value::Null,
1095 };
1096
1097 let mut resp = match client.get(url, None).wait() {
1098 Ok(v) => v,
1099 _ => return Value::Null,
1100 };
1101
1102 if let Some(map) = resp.as_object_mut() {
1103 if let Some(data) = map.remove("data") {
1104 return data;
1105 }
1106 }
1107 Value::Null
1108 }
1109
1110 fn complete_backup_group(_arg: &str, param: &HashMap<String, String>) -> Vec<String> {
1111
1112 let mut result = vec![];
1113
1114 let repo = match extract_repository_from_map(param) {
1115 Some(v) => v,
1116 _ => return result,
1117 };
1118
1119 let path = format!("api2/json/admin/datastore/{}/groups", repo.store());
1120
1121 let data = try_get(&repo, &path);
1122
1123 if let Some(list) = data.as_array() {
1124 for item in list {
1125 if let (Some(backup_id), Some(backup_type)) =
1126 (item["backup-id"].as_str(), item["backup-type"].as_str())
1127 {
1128 result.push(format!("{}/{}", backup_type, backup_id));
1129 }
1130 }
1131 }
1132
1133 result
1134 }
1135
1136 fn complete_group_or_snapshot(arg: &str, param: &HashMap<String, String>) -> Vec<String> {
1137
1138 if arg.matches('/').count() < 2 {
1139 let groups = complete_backup_group(arg, param);
1140 let mut result = vec![];
1141 for group in groups {
1142 result.push(group.to_string());
1143 result.push(format!("{}/", group));
1144 }
1145 return result;
1146 }
1147
1148 complete_backup_snapshot(arg, param)
1149 }
1150
1151 fn complete_backup_snapshot(_arg: &str, param: &HashMap<String, String>) -> Vec<String> {
1152
1153 let mut result = vec![];
1154
1155 let repo = match extract_repository_from_map(param) {
1156 Some(v) => v,
1157 _ => return result,
1158 };
1159
1160 let path = format!("api2/json/admin/datastore/{}/snapshots", repo.store());
1161
1162 let data = try_get(&repo, &path);
1163
1164 if let Some(list) = data.as_array() {
1165 for item in list {
1166 if let (Some(backup_id), Some(backup_type), Some(backup_time)) =
1167 (item["backup-id"].as_str(), item["backup-type"].as_str(), item["backup-time"].as_i64())
1168 {
1169 let snapshot = BackupDir::new(backup_type, backup_id, backup_time);
1170 result.push(snapshot.relative_path().to_str().unwrap().to_owned());
1171 }
1172 }
1173 }
1174
1175 result
1176 }
1177
1178 fn complete_server_file_name(_arg: &str, param: &HashMap<String, String>) -> Vec<String> {
1179
1180 let mut result = vec![];
1181
1182 let repo = match extract_repository_from_map(param) {
1183 Some(v) => v,
1184 _ => return result,
1185 };
1186
1187 let snapshot = match param.get("snapshot") {
1188 Some(path) => {
1189 match BackupDir::parse(path) {
1190 Ok(v) => v,
1191 _ => return result,
1192 }
1193 }
1194 _ => return result,
1195 };
1196
1197 let query = tools::json_object_to_query(json!({
1198 "backup-type": snapshot.group().backup_type(),
1199 "backup-id": snapshot.group().backup_id(),
1200 "backup-time": snapshot.backup_time().timestamp(),
1201 })).unwrap();
1202
1203 let path = format!("api2/json/admin/datastore/{}/files?{}", repo.store(), query);
1204
1205 let data = try_get(&repo, &path);
1206
1207 if let Some(list) = data.as_array() {
1208 for item in list {
1209 if let Some(filename) = item["filename"].as_str() {
1210 result.push(filename.to_owned());
1211 }
1212 }
1213 }
1214
1215 result
1216 }
1217
1218 fn complete_archive_name(arg: &str, param: &HashMap<String, String>) -> Vec<String> {
1219
1220 complete_server_file_name(arg, param)
1221 .iter().map(|v| strip_server_file_expenstion(&v)).collect()
1222 }
1223
1224 fn complete_chunk_size(_arg: &str, _param: &HashMap<String, String>) -> Vec<String> {
1225
1226 let mut result = vec![];
1227
1228 let mut size = 64;
1229 loop {
1230 result.push(size.to_string());
1231 size = size * 2;
1232 if size > 4096 { break; }
1233 }
1234
1235 result
1236 }
1237
1238 fn get_encryption_key_password() -> Result<Vec<u8>, Error> {
1239
1240 // fixme: implement other input methods
1241
1242 use std::env::VarError::*;
1243 match std::env::var("PBS_ENCRYPTION_PASSWORD") {
1244 Ok(p) => return Ok(p.as_bytes().to_vec()),
1245 Err(NotUnicode(_)) => bail!("PBS_ENCRYPTION_PASSWORD contains bad characters"),
1246 Err(NotPresent) => {
1247 // Try another method
1248 }
1249 }
1250
1251 // If we're on a TTY, query the user for a password
1252 if crate::tools::tty::stdin_isatty() {
1253 return Ok(crate::tools::tty::read_password("Encryption Key Password: ")?);
1254 }
1255
1256 bail!("no password input mechanism available");
1257 }
1258
1259 fn key_create(
1260 param: Value,
1261 _info: &ApiMethod,
1262 _rpcenv: &mut dyn RpcEnvironment,
1263 ) -> Result<Value, Error> {
1264
1265 let path = tools::required_string_param(&param, "path")?;
1266 let path = PathBuf::from(path);
1267
1268 let kdf = param["kdf"].as_str().unwrap_or("scrypt");
1269
1270 let key = proxmox::sys::linux::random_data(32)?;
1271
1272 if kdf == "scrypt" {
1273 // always read passphrase from tty
1274 if !crate::tools::tty::stdin_isatty() {
1275 bail!("unable to read passphrase - no tty");
1276 }
1277
1278 let password = crate::tools::tty::read_password("Encryption Key Password: ")?;
1279
1280 let key_config = encrypt_key_with_passphrase(&key, &password)?;
1281
1282 store_key_config(&path, false, key_config)?;
1283
1284 Ok(Value::Null)
1285 } else if kdf == "none" {
1286 let created = Local.timestamp(Local::now().timestamp(), 0);
1287
1288 store_key_config(&path, false, KeyConfig {
1289 kdf: None,
1290 created,
1291 modified: created,
1292 data: key,
1293 })?;
1294
1295 Ok(Value::Null)
1296 } else {
1297 unreachable!();
1298 }
1299 }
1300
1301 fn master_pubkey_path() -> Result<PathBuf, Error> {
1302 let base = BaseDirectories::with_prefix("proxmox-backup")?;
1303
1304 // usually $HOME/.config/proxmox-backup/master-public.pem
1305 let path = base.place_config_file("master-public.pem")?;
1306
1307 Ok(path)
1308 }
1309
1310 fn key_import_master_pubkey(
1311 param: Value,
1312 _info: &ApiMethod,
1313 _rpcenv: &mut dyn RpcEnvironment,
1314 ) -> Result<Value, Error> {
1315
1316 let path = tools::required_string_param(&param, "path")?;
1317 let path = PathBuf::from(path);
1318
1319 let pem_data = file_get_contents(&path)?;
1320
1321 if let Err(err) = openssl::pkey::PKey::public_key_from_pem(&pem_data) {
1322 bail!("Unable to decode PEM data - {}", err);
1323 }
1324
1325 let target_path = master_pubkey_path()?;
1326
1327 file_set_contents(&target_path, &pem_data, None)?;
1328
1329 println!("Imported public master key to {:?}", target_path);
1330
1331 Ok(Value::Null)
1332 }
1333
1334 fn key_create_master_key(
1335 _param: Value,
1336 _info: &ApiMethod,
1337 _rpcenv: &mut dyn RpcEnvironment,
1338 ) -> Result<Value, Error> {
1339
1340 // we need a TTY to query the new password
1341 if !crate::tools::tty::stdin_isatty() {
1342 bail!("unable to create master key - no tty");
1343 }
1344
1345 let rsa = openssl::rsa::Rsa::generate(4096)?;
1346 let pkey = openssl::pkey::PKey::from_rsa(rsa)?;
1347
1348 let new_pw = String::from_utf8(crate::tools::tty::read_password("Master Key Password: ")?)?;
1349 let verify_pw = String::from_utf8(crate::tools::tty::read_password("Verify Password: ")?)?;
1350
1351 if new_pw != verify_pw {
1352 bail!("Password verification fail!");
1353 }
1354
1355 if new_pw.len() < 5 {
1356 bail!("Password is too short!");
1357 }
1358
1359 let pub_key: Vec<u8> = pkey.public_key_to_pem()?;
1360 let filename_pub = "master-public.pem";
1361 println!("Writing public master key to {}", filename_pub);
1362 file_set_contents(filename_pub, pub_key.as_slice(), None)?;
1363
1364 let cipher = openssl::symm::Cipher::aes_256_cbc();
1365 let priv_key: Vec<u8> = pkey.private_key_to_pem_pkcs8_passphrase(cipher, new_pw.as_bytes())?;
1366
1367 let filename_priv = "master-private.pem";
1368 println!("Writing private master key to {}", filename_priv);
1369 file_set_contents(filename_priv, priv_key.as_slice(), None)?;
1370
1371 Ok(Value::Null)
1372 }
1373
1374 fn key_change_passphrase(
1375 param: Value,
1376 _info: &ApiMethod,
1377 _rpcenv: &mut dyn RpcEnvironment,
1378 ) -> Result<Value, Error> {
1379
1380 let path = tools::required_string_param(&param, "path")?;
1381 let path = PathBuf::from(path);
1382
1383 let kdf = param["kdf"].as_str().unwrap_or("scrypt");
1384
1385 // we need a TTY to query the new password
1386 if !crate::tools::tty::stdin_isatty() {
1387 bail!("unable to change passphrase - no tty");
1388 }
1389
1390 let (key, created) = load_and_decrtypt_key(&path, get_encryption_key_password)?;
1391
1392 if kdf == "scrypt" {
1393
1394 let new_pw = String::from_utf8(crate::tools::tty::read_password("New Password: ")?)?;
1395 let verify_pw = String::from_utf8(crate::tools::tty::read_password("Verify Password: ")?)?;
1396
1397 if new_pw != verify_pw {
1398 bail!("Password verification fail!");
1399 }
1400
1401 if new_pw.len() < 5 {
1402 bail!("Password is too short!");
1403 }
1404
1405 let mut new_key_config = encrypt_key_with_passphrase(&key, new_pw.as_bytes())?;
1406 new_key_config.created = created; // keep original value
1407
1408 store_key_config(&path, true, new_key_config)?;
1409
1410 Ok(Value::Null)
1411 } else if kdf == "none" {
1412 let modified = Local.timestamp(Local::now().timestamp(), 0);
1413
1414 store_key_config(&path, true, KeyConfig {
1415 kdf: None,
1416 created, // keep original value
1417 modified,
1418 data: key.to_vec(),
1419 })?;
1420
1421 Ok(Value::Null)
1422 } else {
1423 unreachable!();
1424 }
1425 }
1426
1427 fn key_mgmt_cli() -> CliCommandMap {
1428
1429 let kdf_schema: Arc<Schema> = Arc::new(
1430 StringSchema::new("Key derivation function. Choose 'none' to store the key unecrypted.")
1431 .format(Arc::new(ApiStringFormat::Enum(&["scrypt", "none"])))
1432 .default("scrypt")
1433 .into()
1434 );
1435
1436 let key_create_cmd_def = CliCommand::new(
1437 ApiMethod::new(
1438 key_create,
1439 ObjectSchema::new("Create a new encryption key.")
1440 .required("path", StringSchema::new("File system path."))
1441 .optional("kdf", kdf_schema.clone())
1442 ))
1443 .arg_param(vec!["path"])
1444 .completion_cb("path", tools::complete_file_name);
1445
1446 let key_change_passphrase_cmd_def = CliCommand::new(
1447 ApiMethod::new(
1448 key_change_passphrase,
1449 ObjectSchema::new("Change the passphrase required to decrypt the key.")
1450 .required("path", StringSchema::new("File system path."))
1451 .optional("kdf", kdf_schema.clone())
1452 ))
1453 .arg_param(vec!["path"])
1454 .completion_cb("path", tools::complete_file_name);
1455
1456 let key_create_master_key_cmd_def = CliCommand::new(
1457 ApiMethod::new(
1458 key_create_master_key,
1459 ObjectSchema::new("Create a new 4096 bit RSA master pub/priv key pair.")
1460 ));
1461
1462 let key_import_master_pubkey_cmd_def = CliCommand::new(
1463 ApiMethod::new(
1464 key_import_master_pubkey,
1465 ObjectSchema::new("Import a new RSA public key and use it as master key. The key is expected to be in '.pem' format.")
1466 .required("path", StringSchema::new("File system path."))
1467 ))
1468 .arg_param(vec!["path"])
1469 .completion_cb("path", tools::complete_file_name);
1470
1471 let cmd_def = CliCommandMap::new()
1472 .insert("create".to_owned(), key_create_cmd_def.into())
1473 .insert("create-master-key".to_owned(), key_create_master_key_cmd_def.into())
1474 .insert("import-master-pubkey".to_owned(), key_import_master_pubkey_cmd_def.into())
1475 .insert("change-passphrase".to_owned(), key_change_passphrase_cmd_def.into());
1476
1477 cmd_def
1478 }
1479
1480 fn main() {
1481
1482 let backup_source_schema: Arc<Schema> = Arc::new(
1483 StringSchema::new("Backup source specification ([<label>:<path>]).")
1484 .format(Arc::new(ApiStringFormat::Pattern(&BACKUPSPEC_REGEX)))
1485 .into()
1486 );
1487
1488 let backup_cmd_def = CliCommand::new(
1489 ApiMethod::new(
1490 create_backup,
1491 ObjectSchema::new("Create (host) backup.")
1492 .required(
1493 "backupspec",
1494 ArraySchema::new(
1495 "List of backup source specifications ([<label.ext>:<path>] ...)",
1496 backup_source_schema,
1497 ).min_length(1)
1498 )
1499 .optional("repository", REPO_URL_SCHEMA.clone())
1500 .optional(
1501 "include-dev",
1502 ArraySchema::new(
1503 "Include mountpoints with same st_dev number (see ``man fstat``) as specified files.",
1504 StringSchema::new("Path to file.").into()
1505 )
1506 )
1507 .optional(
1508 "keyfile",
1509 StringSchema::new("Path to encryption key. All data will be encrypted using this key."))
1510 .optional(
1511 "verbose",
1512 BooleanSchema::new("Verbose output.").default(false))
1513 .optional(
1514 "skip-lost-and-found",
1515 BooleanSchema::new("Skip lost+found directory").default(false))
1516 .optional(
1517 "backup-type",
1518 BACKUP_TYPE_SCHEMA.clone()
1519 )
1520 .optional(
1521 "backup-id",
1522 BACKUP_ID_SCHEMA.clone()
1523 )
1524 .optional(
1525 "backup-time",
1526 BACKUP_TIME_SCHEMA.clone()
1527 )
1528 .optional(
1529 "chunk-size",
1530 IntegerSchema::new("Chunk size in KB. Must be a power of 2.")
1531 .minimum(64)
1532 .maximum(4096)
1533 .default(4096)
1534 )
1535 ))
1536 .arg_param(vec!["backupspec"])
1537 .completion_cb("repository", complete_repository)
1538 .completion_cb("backupspec", complete_backup_source)
1539 .completion_cb("keyfile", tools::complete_file_name)
1540 .completion_cb("chunk-size", complete_chunk_size);
1541
1542 let upload_log_cmd_def = CliCommand::new(
1543 ApiMethod::new(
1544 upload_log,
1545 ObjectSchema::new("Upload backup log file.")
1546 .required("snapshot", StringSchema::new("Snapshot path."))
1547 .required("logfile", StringSchema::new("The path to the log file you want to upload."))
1548 .optional("repository", REPO_URL_SCHEMA.clone())
1549 .optional(
1550 "keyfile",
1551 StringSchema::new("Path to encryption key. All data will be encrypted using this key."))
1552 ))
1553 .arg_param(vec!["snapshot", "logfile"])
1554 .completion_cb("snapshot", complete_backup_snapshot)
1555 .completion_cb("logfile", tools::complete_file_name)
1556 .completion_cb("keyfile", tools::complete_file_name)
1557 .completion_cb("repository", complete_repository);
1558
1559 let list_cmd_def = CliCommand::new(
1560 ApiMethod::new(
1561 list_backup_groups,
1562 ObjectSchema::new("List backup groups.")
1563 .optional("repository", REPO_URL_SCHEMA.clone())
1564 .optional("output-format", OUTPUT_FORMAT.clone())
1565 ))
1566 .completion_cb("repository", complete_repository);
1567
1568 let snapshots_cmd_def = CliCommand::new(
1569 ApiMethod::new(
1570 list_snapshots,
1571 ObjectSchema::new("List backup snapshots.")
1572 .optional("group", StringSchema::new("Backup group."))
1573 .optional("repository", REPO_URL_SCHEMA.clone())
1574 .optional("output-format", OUTPUT_FORMAT.clone())
1575 ))
1576 .arg_param(vec!["group"])
1577 .completion_cb("group", complete_backup_group)
1578 .completion_cb("repository", complete_repository);
1579
1580 let forget_cmd_def = CliCommand::new(
1581 ApiMethod::new(
1582 forget_snapshots,
1583 ObjectSchema::new("Forget (remove) backup snapshots.")
1584 .required("snapshot", StringSchema::new("Snapshot path."))
1585 .optional("repository", REPO_URL_SCHEMA.clone())
1586 ))
1587 .arg_param(vec!["snapshot"])
1588 .completion_cb("repository", complete_repository)
1589 .completion_cb("snapshot", complete_backup_snapshot);
1590
1591 let garbage_collect_cmd_def = CliCommand::new(
1592 ApiMethod::new(
1593 start_garbage_collection,
1594 ObjectSchema::new("Start garbage collection for a specific repository.")
1595 .optional("repository", REPO_URL_SCHEMA.clone())
1596 ))
1597 .completion_cb("repository", complete_repository);
1598
1599 let restore_cmd_def = CliCommand::new(
1600 ApiMethod::new(
1601 restore,
1602 ObjectSchema::new("Restore backup repository.")
1603 .required("snapshot", StringSchema::new("Group/Snapshot path."))
1604 .required("archive-name", StringSchema::new("Backup archive name."))
1605 .required("target", StringSchema::new(r###"Target directory path. Use '-' to write to stdandard output.
1606
1607 We do not extraxt '.pxar' archives when writing to stdandard output.
1608
1609 "###
1610 ))
1611 .optional(
1612 "allow-existing-dirs",
1613 BooleanSchema::new("Do not fail if directories already exists.").default(false))
1614 .optional("repository", REPO_URL_SCHEMA.clone())
1615 .optional("keyfile", StringSchema::new("Path to encryption key."))
1616 .optional(
1617 "verbose",
1618 BooleanSchema::new("Verbose output.").default(false)
1619 )
1620 ))
1621 .arg_param(vec!["snapshot", "archive-name", "target"])
1622 .completion_cb("repository", complete_repository)
1623 .completion_cb("snapshot", complete_group_or_snapshot)
1624 .completion_cb("archive-name", complete_archive_name)
1625 .completion_cb("target", tools::complete_file_name);
1626
1627 let files_cmd_def = CliCommand::new(
1628 ApiMethod::new(
1629 list_snapshot_files,
1630 ObjectSchema::new("List snapshot files.")
1631 .required("snapshot", StringSchema::new("Snapshot path."))
1632 .optional("repository", REPO_URL_SCHEMA.clone())
1633 .optional("output-format", OUTPUT_FORMAT.clone())
1634 ))
1635 .arg_param(vec!["snapshot"])
1636 .completion_cb("repository", complete_repository)
1637 .completion_cb("snapshot", complete_backup_snapshot);
1638
1639 let catalog_cmd_def = CliCommand::new(
1640 ApiMethod::new(
1641 dump_catalog,
1642 ObjectSchema::new("Dump catalog.")
1643 .required("snapshot", StringSchema::new("Snapshot path."))
1644 .optional("repository", REPO_URL_SCHEMA.clone())
1645 ))
1646 .arg_param(vec!["snapshot"])
1647 .completion_cb("repository", complete_repository)
1648 .completion_cb("snapshot", complete_backup_snapshot);
1649
1650 let prune_cmd_def = CliCommand::new(
1651 ApiMethod::new(
1652 prune,
1653 proxmox_backup::api2::admin::datastore::add_common_prune_prameters(
1654 ObjectSchema::new("Prune backup repository.")
1655 .required("group", StringSchema::new("Backup group."))
1656 .optional("repository", REPO_URL_SCHEMA.clone())
1657 )
1658 ))
1659 .arg_param(vec!["group"])
1660 .completion_cb("group", complete_backup_group)
1661 .completion_cb("repository", complete_repository);
1662
1663 let status_cmd_def = CliCommand::new(
1664 ApiMethod::new(
1665 status,
1666 ObjectSchema::new("Get repository status.")
1667 .optional("repository", REPO_URL_SCHEMA.clone())
1668 .optional("output-format", OUTPUT_FORMAT.clone())
1669 ))
1670 .completion_cb("repository", complete_repository);
1671
1672 let login_cmd_def = CliCommand::new(
1673 ApiMethod::new(
1674 api_login,
1675 ObjectSchema::new("Try to login. If successful, store ticket.")
1676 .optional("repository", REPO_URL_SCHEMA.clone())
1677 ))
1678 .completion_cb("repository", complete_repository);
1679
1680 let logout_cmd_def = CliCommand::new(
1681 ApiMethod::new(
1682 api_logout,
1683 ObjectSchema::new("Logout (delete stored ticket).")
1684 .optional("repository", REPO_URL_SCHEMA.clone())
1685 ))
1686 .completion_cb("repository", complete_repository);
1687
1688 let cmd_def = CliCommandMap::new()
1689 .insert("backup".to_owned(), backup_cmd_def.into())
1690 .insert("upload-log".to_owned(), upload_log_cmd_def.into())
1691 .insert("forget".to_owned(), forget_cmd_def.into())
1692 .insert("catalog".to_owned(), catalog_cmd_def.into())
1693 .insert("garbage-collect".to_owned(), garbage_collect_cmd_def.into())
1694 .insert("list".to_owned(), list_cmd_def.into())
1695 .insert("login".to_owned(), login_cmd_def.into())
1696 .insert("logout".to_owned(), logout_cmd_def.into())
1697 .insert("prune".to_owned(), prune_cmd_def.into())
1698 .insert("restore".to_owned(), restore_cmd_def.into())
1699 .insert("snapshots".to_owned(), snapshots_cmd_def.into())
1700 .insert("files".to_owned(), files_cmd_def.into())
1701 .insert("status".to_owned(), status_cmd_def.into())
1702 .insert("key".to_owned(), key_mgmt_cli().into());
1703
1704 hyper::rt::run(futures::future::lazy(move || {
1705 run_cli_command(cmd_def.into());
1706 Ok(())
1707 }));
1708
1709 }
Proxmox Backup Server and Client